Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

DualShield Server configuration. 

  1. Go to DMC / Radius / Radius Client, click "Register"
  2. Provide name, select Radius server and Application, add both NetScaler's IP address & NetScaler Subnet IP address to Radius client's IP address, and share secret.  Click "Save"
    Image Removed

 

This tutorial shows how to configure a cluster with two DualShield Radius servers. This cluster is load-balanced by Citrix Netscaler load balancer.

NetScaler Configuration

  1. Create a fixed radius monitor user in your AD, eg: RadMonitor (note: Excluding this user from using 2 factor authentication)
  2. Go to NetScaler/Traffic Management/Load Balancing/Monitors, click "ADDAdd"
  3. Give the new monitor name: DSRadius_monitor, type "Radius"
    Image RemovedClick on a name, e.g "Radius_Monitor", and select type "RADIUS"
    Image Added

  4. Click "Special Parameter" tab, and add the fixed monitor user name, password, and radius shared secret. Click "Create". 
    Image RemovedImage Added
  5. Go to Traffic Management \ Load Balancing \ Servers. Click "ADDAdd".
  6. Provide Radius servers name and IP. Click "Create"
    Image RemovedImage Added

  7. Go to Traffic Management \ Load Balancing \ Service. Click "ADDAdd".
  8. Provide service name, select corresponding server, chose "UDP" protocol, and "1812" port. Click "OK"
    Image RemovedImage Added

  9. On the monitors section, bind the "Radius_monitor" created in previous step.
    Image RemovedImage Added
  10. Repeat the steps 5-9 to add all your radius server for load balancing.
  11. Go to Traffic Management \ Load Balancing \ Virtual Server. Click "ADD".
  12. Provide virtual server name, protocol "UDP", IP address, and port "1812". Click "OK"
    Image RemovedImage Added
  13. On the services and service groups section, bind all the radius services created in the previous steps. 

On the method section, chose your ideal load balancing method. Click OK. 

...

Image Added

DualShield Server configuration. 

  1. Go to DMC / Radius / Radius Client, click "Register"
  2. Provide name, select Radius server and Application, add both NetScaler's IP address & NetScaler Subnet IP address to Radius client's IP address, and share secret.  Click "Save"
    Image Added


That's it. You can now load balancing Radius servers via the Virtual server on NetScaler. 

Reference: http://www.carlstalhood.com/radius-load-balancing-10-5/